It was discovered that several invalid HTTPS certificates were issued andrevoked. An attacker could exploit these to perform a man in the middleattack to view sensitive information or alter encrypted communications.These certificates were marked as explicitly not trusted to prevent theirmisuse. [More...]